Jump to content

Network R&D tool input

Recommended Posts

Well hello everyone...... has been a long long time. Sorry for the absence but work, family and life in general does get in the way sometimes. Anyways to the point for the last 3 years have been going about my pentesting career and lately have been involved in the R&D on a new network auditing and monitoring suit of tools. They are not letting off much at all on what they are working on but have said it's a network tool and they have given me a feedback form or should I say book of forms and the bulk of it is them asking what arsenal of tools/features would I want to see if I could make my own product for my own network? Good question to be honest as this is something I've not really thought about. As I use metasploit in pretty much all of my pen tests, I only really look at it from one side of the fence and again use the same steps for all my pen tests to be honest apart from the odd tweak here and there if needed. But from a network managers point of view what would they want and what tools would they want to encompass for network monitoring, pattern detection, network A.I, port and device scanning, traffic info, exploit testing, sql scanning, auditing and reporting in real time ect, credential security ect you name it. 


So so being blunt, not for you guys to do my homework for me but if it was your network and you had a tailor pick a suit of tools (open source) then what would they be and why? 



Link to comment
Share on other sites

  • 2 months later...

Network Monitor Port Monitoring : Cacti (free)
Device Monitoring: Nagios / Icinga / Check_MK 
SIEM: Splunk / SyslogD (for up to 500MB Data / Day free)
Traffic Analysis: Security Onion (Snort, Bro, Snorby..., free)
Pattern Detection - Endpoint: Trend Micro Client Server messaging suite
Pattern Detection - Gateway / Proxy: Bluecoat Proxy SG with CAS Services 
Pattern Detection - Gateway / Router: Kaspersky Engine / IDS Components from Juniper
Pattern Detection / AV / Log Inspection etc: Trend Micro Deep Security
Auditing: openVAS (free with community license)

All of those is / has been running on my networks, sadly there is no "one size fits all" product with one single report builder, so its a ton of information to look after

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...